rm -rf remains

read

Just for fun, I decided to launch a new Linux server and run rm -rf / as root to see what remains. As I found out, rm lives in the future with idiots like me, so you have to specify --no-preserve-root to kick this exercise off.

# rm -rf --no-preserve-root /

After committing this act of tomfoolery, great utilities like

/bin/ls

/bin/cat

/bin/chmod

/usr/bin/file

will all be gone! You should still have your connection over SSH as well as your existing bash session. This means you have all the bash builtins, like echo.

Even if we echo all the bytes we need into creating entire binaries, those files won’t be executable. No way to start busybox. The easiest workaround for this is to find something which is executable and overwrite it with echo. We’ve nuked all of /usr and /bin at this point though, so that’s a bit tricky.

We can use shell globs and bash logic to find files with the executable bit set, making sure to ignore directories.

Time to enable setx as a built in and get busybox executable

For all my blog posts I’ve decided to hold discussion on Reddit, linking to the post. Today’s post is on /r/linux and on /r/programming, but feel free to cross post it. PM me if you want me to link it here. Alternatively, you can reach me on Twitter.